rconner Posted July 29, 2012 Share Posted July 29, 2012 See Tracking Link The message contains URLs that seem to be completely broken, yet Apple Mail was able to get them to resolve. Could have something to do with translating from UTF-8 to US-ASCII (the URLs contain lots of 8-bit characters). I used tcpdump to watch my browser's conversation with DNS and saw that it had basically stripped out all the 8-bit characters, and somehow magically converted commas to dots. Someday when I have leisure time I'm going to have to look into this, it's a kind of obfuscation I've not seen in a month of Sundays. -- rick Link to comment Share on other sites More sharing options...
Farelf Posted July 29, 2012 Share Posted July 29, 2012 Presumably resolved by IE8 as well but I can't test that. You certainly get some interesting mail Rick - sent from Chile (don't know what it's like now but once every second PC in the land seemed to be "owned"), links to a Ukrainian-registered, Romanian-hosted website which doesn't seem to do any regular business at all. Link to comment Share on other sites More sharing options...
Geek Posted July 30, 2012 Share Posted July 30, 2012 Many browsers when faced with a url like that will automatically insert ".com", then try.net and .org if the .com fails to resolve. In Opera you can turn that off. Haven't found out how to to that in Firefox without an add-on. But it appears to be a sneaky trick to get the spam to work while busting Spamcop's parser. Cheers! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.